/*
 * Copyright (c) 1989, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	@(#)kern_ktrace.c	8.2 (Berkeley) 9/23/93
 * $FreeBSD$
 */
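/*
 * Kernel support for the ktrace(2) and utrace(2) tracing facilities:
 * trace records are queued to a dedicated kernel thread, which writes
 * them out to the per-process trace vnode.
 */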
#include "opt_ktrace.h"

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/fcntl.h>
#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/kthread.h>
#include <sys/lock.h>
#include <sys/mutex.h>
#include <sys/malloc.h>
#include <sys/namei.h>
#include <sys/proc.h>
#include <sys/unistd.h>
#include <sys/vnode.h>
#include <sys/ktrace.h>
#include <sys/sema.h>
#include <sys/sx.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/sysproto.h>

static MALLOC_DEFINE(M_KTRACE, "KTRACE", "KTRACE");

#ifdef KTRACE

#ifndef KTRACE_REQUEST_POOL
#define	KTRACE_REQUEST_POOL	100
#endif

struct ktr_request {
	struct	ktr_header ktr_header;
	struct	ucred *ktr_cred;
	struct	vnode *ktr_vp;
	union {
		struct	ktr_syscall ktr_syscall;
		struct	ktr_sysret ktr_sysret;
		struct	ktr_genio ktr_genio;
		struct	ktr_psig ktr_psig;
		struct	ktr_csw ktr_csw;
	} ktr_data;
	int	ktr_synchronous;
	STAILQ_ENTRY(ktr_request) ktr_list;
};

static int data_lengths[] = {
	0,					/* none */
	offsetof(struct ktr_syscall, ktr_args),	/* KTR_SYSCALL */
	sizeof(struct ktr_sysret),		/* KTR_SYSRET */
	0,					/* KTR_NAMEI */
	sizeof(struct ktr_genio),		/* KTR_GENIO */
	sizeof(struct ktr_psig),		/* KTR_PSIG */
	sizeof(struct ktr_csw),			/* KTR_CSW */
	0					/* KTR_USER */
};

static STAILQ_HEAD(, ktr_request) ktr_todo;
static STAILQ_HEAD(, ktr_request) ktr_free;

static uint ktr_requestpool = KTRACE_REQUEST_POOL;
TUNABLE_INT("kern.ktrace_request_pool", &ktr_requestpool);

static int print_message = 1;
struct mtx ktrace_mtx;
static struct sema ktrace_sema;

static void ktrace_init(void *dummy);
static int sysctl_kern_ktrace_request_pool(SYSCTL_HANDLER_ARGS);
static uint ktrace_resize_pool(uint newsize);
static struct ktr_request *ktr_getrequest(int type);
static void ktr_submitrequest(struct ktr_request *req);
static void ktr_freerequest(struct ktr_request *req);
static void ktr_loop(void *dummy);
static void ktr_writerequest(struct ktr_request *req);
static int ktrcanset(struct thread *, struct proc *);
static int ktrsetchildren(struct thread *, struct proc *, int, int, struct vnode *);
static int ktrops(struct thread *, struct proc *, int, int, struct vnode *);

static void
ktrace_init(void *dummy)
{
	struct ktr_request *req;
	int i;

	mtx_init(&ktrace_mtx, "ktrace", NULL, MTX_DEF | MTX_QUIET);
	sema_init(&ktrace_sema, 0, "ktrace");
	STAILQ_INIT(&ktr_todo);
	STAILQ_INIT(&ktr_free);
	for (i = 0; i < ktr_requestpool; i++) {
		req = malloc(sizeof(struct ktr_request), M_KTRACE, M_WAITOK);
		STAILQ_INSERT_HEAD(&ktr_free, req, ktr_list);
	}
	kthread_create(ktr_loop, NULL, NULL, RFHIGHPID, "ktrace");
}
SYSINIT(ktrace_init, SI_SUB_KTRACE, SI_ORDER_ANY, ktrace_init, NULL);
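/*
 * The request pool can be sized at boot via the loader tunable above and
 * inspected or resized at run time through the read-write sysctl whose
 * handler follows.  Illustrative usage only (see sysctl(8)):
 *
 *	sysctl kern.ktrace_request_pool		# read the current size
 *	sysctl kern.ktrace_request_pool=200	# request a resize
 *
 * If the pool cannot be grown or shrunk all the way to the requested
 * size, the set operation fails with ENOSPC.
 */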
static int
sysctl_kern_ktrace_request_pool(SYSCTL_HANDLER_ARGS)
{
	struct thread *td;
	uint newsize, oldsize, wantsize;
	int error;

	/* Handle easy read-only case first to avoid warnings from GCC. */
	if (!req->newptr) {
		mtx_lock(&ktrace_mtx);
		oldsize = ktr_requestpool;
		mtx_unlock(&ktrace_mtx);
		return (SYSCTL_OUT(req, &oldsize, sizeof(uint)));
	}

	error = SYSCTL_IN(req, &wantsize, sizeof(uint));
	if (error)
		return (error);
	td = curthread;
	td->td_inktrace = 1;
	mtx_lock(&ktrace_mtx);
	oldsize = ktr_requestpool;
	newsize = ktrace_resize_pool(wantsize);
	mtx_unlock(&ktrace_mtx);
	td->td_inktrace = 0;
	error = SYSCTL_OUT(req, &oldsize, sizeof(uint));
	if (error)
		return (error);
	if (newsize != wantsize)
		return (ENOSPC);
	return (0);
}
SYSCTL_PROC(_kern, OID_AUTO, ktrace_request_pool, CTLTYPE_UINT|CTLFLAG_RW,
    &ktr_requestpool, 0, sysctl_kern_ktrace_request_pool, "IU", "");

static uint
ktrace_resize_pool(uint newsize)
{
	struct ktr_request *req;

	mtx_assert(&ktrace_mtx, MA_OWNED);
	print_message = 1;
	if (newsize == ktr_requestpool)
		return (newsize);
	if (newsize < ktr_requestpool)
		/* Shrink pool down to newsize if possible. */
		while (ktr_requestpool > newsize) {
			req = STAILQ_FIRST(&ktr_free);
			if (req == NULL)
				return (ktr_requestpool);
			STAILQ_REMOVE_HEAD(&ktr_free, ktr_list);
			ktr_requestpool--;
			mtx_unlock(&ktrace_mtx);
			free(req, M_KTRACE);
			mtx_lock(&ktrace_mtx);
		}
	else
		/* Grow pool up to newsize. */
		while (ktr_requestpool < newsize) {
			mtx_unlock(&ktrace_mtx);
			req = malloc(sizeof(struct ktr_request), M_KTRACE,
			    M_WAITOK);
			mtx_lock(&ktrace_mtx);
			STAILQ_INSERT_HEAD(&ktr_free, req, ktr_list);
			ktr_requestpool++;
		}
	return (ktr_requestpool);
}
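/*
 * Fetch a free request structure for a new trace event, or NULL if the
 * event type is not being traced or the pool is exhausted (a warning is
 * printed once per exhaustion).  The request is stamped with the current
 * time, pid and command name, and takes references on the process's
 * trace vnode and the thread's credentials.
 */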
256 */ 257 msleep(req, &ktrace_mtx, curthread->td_priority, "ktrsync", 0); 258 mtx_unlock(&ktrace_mtx); 259 ktr_writerequest(req); 260 mtx_lock(&ktrace_mtx); 261 wakeup(req); 262 } 263 mtx_unlock(&ktrace_mtx); 264 curthread->td_inktrace = 0; 265 } 266 267 static void 268 ktr_freerequest(struct ktr_request *req) 269 { 270 271 crfree(req->ktr_cred); 272 mtx_lock(&Giant); 273 vrele(req->ktr_vp); 274 mtx_unlock(&Giant); 275 mtx_lock(&ktrace_mtx); 276 STAILQ_INSERT_HEAD(&ktr_free, req, ktr_list); 277 mtx_unlock(&ktrace_mtx); 278 } 279 280 static void 281 ktr_loop(void *dummy) 282 { 283 struct ktr_request *req; 284 struct thread *td; 285 struct ucred *cred; 286 287 /* Only cache these values once. */ 288 td = curthread; 289 cred = td->td_ucred; 290 for (;;) { 291 sema_wait(&ktrace_sema); 292 mtx_lock(&ktrace_mtx); 293 req = STAILQ_FIRST(&ktr_todo); 294 STAILQ_REMOVE_HEAD(&ktr_todo, ktr_list); 295 KASSERT(req != NULL, ("got a NULL request")); 296 if (req->ktr_synchronous) { 297 wakeup(req); 298 msleep(req, &ktrace_mtx, curthread->td_priority, 299 "ktrwait", 0); 300 mtx_unlock(&ktrace_mtx); 301 } else { 302 mtx_unlock(&ktrace_mtx); 303 /* 304 * It is not enough just to pass the cached cred 305 * to the VOP's in ktr_writerequest(). Some VFS 306 * operations use curthread->td_ucred, so we need 307 * to modify our thread's credentials as well. 308 * Evil. 309 */ 310 td->td_ucred = req->ktr_cred; 311 ktr_writerequest(req); 312 td->td_ucred = cred; 313 } 314 ktr_freerequest(req); 315 } 316 } 317 318 /* 319 * MPSAFE 320 */ 321 void 322 ktrsyscall(code, narg, args) 323 int code, narg; 324 register_t args[]; 325 { 326 struct ktr_request *req; 327 struct ktr_syscall *ktp; 328 size_t buflen; 329 330 req = ktr_getrequest(KTR_SYSCALL); 331 if (req == NULL) 332 return; 333 ktp = &req->ktr_data.ktr_syscall; 334 ktp->ktr_code = code; 335 ktp->ktr_narg = narg; 336 buflen = sizeof(register_t) * narg; 337 if (buflen > 0) { 338 req->ktr_header.ktr_buffer = malloc(buflen, M_KTRACE, M_WAITOK); 339 bcopy(args, req->ktr_header.ktr_buffer, buflen); 340 req->ktr_header.ktr_len = buflen; 341 } 342 ktr_submitrequest(req); 343 } 344 345 /* 346 * MPSAFE 347 */ 348 void 349 ktrsysret(code, error, retval) 350 int code, error; 351 register_t retval; 352 { 353 struct ktr_request *req; 354 struct ktr_sysret *ktp; 355 356 req = ktr_getrequest(KTR_SYSRET); 357 if (req == NULL) 358 return; 359 ktp = &req->ktr_data.ktr_sysret; 360 ktp->ktr_code = code; 361 ktp->ktr_error = error; 362 ktp->ktr_retval = retval; /* what about val2 ? */ 363 ktr_submitrequest(req); 364 } 365 366 void 367 ktrnamei(path) 368 char *path; 369 { 370 struct ktr_request *req; 371 int namelen; 372 373 req = ktr_getrequest(KTR_NAMEI); 374 if (req == NULL) 375 return; 376 namelen = strlen(path); 377 if (namelen > 0) { 378 req->ktr_header.ktr_len = namelen; 379 req->ktr_header.ktr_buffer = malloc(namelen, M_KTRACE, 380 M_WAITOK); 381 bcopy(path, req->ktr_header.ktr_buffer, namelen); 382 } 383 ktr_submitrequest(req); 384 } 385 386 /* 387 * Since the uio may not stay valid, we can not hand off this request to 388 * the thread and need to process it synchronously. However, we wish to 389 * keep the relative order of records in a trace file correct, so we 390 * do put this request on the queue (if it isn't empty) and then block. 391 * The ktrace thread waks us back up when it is time for this event to 392 * be posted and blocks until we have completed writing out the event 393 * and woken it back up. 
394 */ 395 void 396 ktrgenio(fd, rw, uio, error) 397 int fd; 398 enum uio_rw rw; 399 struct uio *uio; 400 int error; 401 { 402 struct ktr_request *req; 403 struct ktr_genio *ktg; 404 405 if (error) 406 return; 407 req = ktr_getrequest(KTR_GENIO); 408 if (req == NULL) 409 return; 410 ktg = &req->ktr_data.ktr_genio; 411 ktg->ktr_fd = fd; 412 ktg->ktr_rw = rw; 413 req->ktr_header.ktr_buffer = uio; 414 uio->uio_offset = 0; 415 uio->uio_rw = UIO_WRITE; 416 req->ktr_synchronous = 1; 417 ktr_submitrequest(req); 418 } 419 420 void 421 ktrpsig(sig, action, mask, code) 422 int sig; 423 sig_t action; 424 sigset_t *mask; 425 int code; 426 { 427 struct ktr_request *req; 428 struct ktr_psig *kp; 429 430 req = ktr_getrequest(KTR_PSIG); 431 if (req == NULL) 432 return; 433 kp = &req->ktr_data.ktr_psig; 434 kp->signo = (char)sig; 435 kp->action = action; 436 kp->mask = *mask; 437 kp->code = code; 438 ktr_submitrequest(req); 439 } 440 441 void 442 ktrcsw(out, user) 443 int out, user; 444 { 445 struct ktr_request *req; 446 struct ktr_csw *kc; 447 448 req = ktr_getrequest(KTR_CSW); 449 if (req == NULL) 450 return; 451 kc = &req->ktr_data.ktr_csw; 452 kc->out = out; 453 kc->user = user; 454 ktr_submitrequest(req); 455 } 456 #endif 457 458 /* Interface and common routines */ 459 460 /* 461 * ktrace system call 462 */ 463 #ifndef _SYS_SYSPROTO_H_ 464 struct ktrace_args { 465 char *fname; 466 int ops; 467 int facs; 468 int pid; 469 }; 470 #endif 471 /* ARGSUSED */ 472 int 473 ktrace(td, uap) 474 struct thread *td; 475 register struct ktrace_args *uap; 476 { 477 #ifdef KTRACE 478 register struct vnode *vp = NULL; 479 register struct proc *p; 480 struct pgrp *pg; 481 int facs = uap->facs & ~KTRFAC_ROOT; 482 int ops = KTROP(uap->ops); 483 int descend = uap->ops & KTRFLAG_DESCEND; 484 int ret = 0; 485 int flags, error = 0; 486 struct nameidata nd; 487 488 td->td_inktrace = 1; 489 if (ops != KTROP_CLEAR) { 490 /* 491 * an operation which requires a file argument. 492 */ 493 NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->fname, td); 494 flags = FREAD | FWRITE | O_NOFOLLOW; 495 error = vn_open(&nd, &flags, 0); 496 if (error) { 497 td->td_inktrace = 0; 498 return (error); 499 } 500 NDFREE(&nd, NDF_ONLY_PNBUF); 501 vp = nd.ni_vp; 502 VOP_UNLOCK(vp, 0, td); 503 if (vp->v_type != VREG) { 504 (void) vn_close(vp, FREAD|FWRITE, td->td_ucred, td); 505 td->td_inktrace = 0; 506 return (EACCES); 507 } 508 } 509 /* 510 * Clear all uses of the tracefile. 511 */ 512 if (ops == KTROP_CLEARFILE) { 513 sx_slock(&allproc_lock); 514 LIST_FOREACH(p, &allproc, p_list) { 515 PROC_LOCK(p); 516 if (p->p_tracep == vp) { 517 if (ktrcanset(td, p)) { 518 mtx_lock(&ktrace_mtx); 519 p->p_tracep = NULL; 520 p->p_traceflag = 0; 521 mtx_unlock(&ktrace_mtx); 522 PROC_UNLOCK(p); 523 (void) vn_close(vp, FREAD|FWRITE, 524 td->td_ucred, td); 525 } else { 526 PROC_UNLOCK(p); 527 error = EPERM; 528 } 529 } else 530 PROC_UNLOCK(p); 531 } 532 sx_sunlock(&allproc_lock); 533 goto done; 534 } 535 /* 536 * need something to (un)trace (XXX - why is this here?) 537 */ 538 if (!facs) { 539 error = EINVAL; 540 goto done; 541 } 542 /* 543 * do it 544 */ 545 if (uap->pid < 0) { 546 /* 547 * by process group 548 */ 549 sx_slock(&proctree_lock); 550 pg = pgfind(-uap->pid); 551 if (pg == NULL) { 552 sx_sunlock(&proctree_lock); 553 error = ESRCH; 554 goto done; 555 } 556 /* 557 * ktrops() may call vrele(). Lock pg_members 558 * by the proctree_lock rather than pg_mtx. 
559 */ 560 PGRP_UNLOCK(pg); 561 LIST_FOREACH(p, &pg->pg_members, p_pglist) 562 if (descend) 563 ret |= ktrsetchildren(td, p, ops, facs, vp); 564 else 565 ret |= ktrops(td, p, ops, facs, vp); 566 sx_sunlock(&proctree_lock); 567 } else { 568 /* 569 * by pid 570 */ 571 p = pfind(uap->pid); 572 if (p == NULL) { 573 error = ESRCH; 574 goto done; 575 } 576 PROC_UNLOCK(p); 577 /* XXX: UNLOCK above has a race */ 578 if (descend) 579 ret |= ktrsetchildren(td, p, ops, facs, vp); 580 else 581 ret |= ktrops(td, p, ops, facs, vp); 582 } 583 if (!ret) 584 error = EPERM; 585 done: 586 if (vp != NULL) 587 (void) vn_close(vp, FWRITE, td->td_ucred, td); 588 td->td_inktrace = 0; 589 return (error); 590 #else 591 return ENOSYS; 592 #endif 593 } 594 595 /* 596 * utrace system call 597 */ 598 /* ARGSUSED */ 599 int 600 utrace(td, uap) 601 struct thread *td; 602 register struct utrace_args *uap; 603 { 604 605 #ifdef KTRACE 606 struct ktr_request *req; 607 void *cp; 608 609 if (uap->len > KTR_USER_MAXLEN) 610 return (EINVAL); 611 req = ktr_getrequest(KTR_USER); 612 if (req == NULL) 613 return (0); 614 cp = malloc(uap->len, M_KTRACE, M_WAITOK); 615 if (!copyin(uap->addr, cp, uap->len)) { 616 req->ktr_header.ktr_buffer = cp; 617 req->ktr_header.ktr_len = uap->len; 618 ktr_submitrequest(req); 619 } else { 620 ktr_freerequest(req); 621 td->td_inktrace = 0; 622 } 623 return (0); 624 #else 625 return (ENOSYS); 626 #endif 627 } 628 629 #ifdef KTRACE 630 static int 631 ktrops(td, p, ops, facs, vp) 632 struct thread *td; 633 struct proc *p; 634 int ops, facs; 635 struct vnode *vp; 636 { 637 struct vnode *tracevp = NULL; 638 639 PROC_LOCK(p); 640 if (!ktrcanset(td, p)) { 641 PROC_UNLOCK(p); 642 return (0); 643 } 644 mtx_lock(&ktrace_mtx); 645 if (ops == KTROP_SET) { 646 if (p->p_tracep != vp) { 647 /* 648 * if trace file already in use, relinquish below 649 */ 650 tracevp = p->p_tracep; 651 VREF(vp); 652 p->p_tracep = vp; 653 } 654 p->p_traceflag |= facs; 655 if (td->td_ucred->cr_uid == 0) 656 p->p_traceflag |= KTRFAC_ROOT; 657 } else { 658 /* KTROP_CLEAR */ 659 if (((p->p_traceflag &= ~facs) & KTRFAC_MASK) == 0) { 660 /* no more tracing */ 661 p->p_traceflag = 0; 662 tracevp = p->p_tracep; 663 p->p_tracep = NULL; 664 } 665 } 666 mtx_unlock(&ktrace_mtx); 667 PROC_UNLOCK(p); 668 if (tracevp != NULL) 669 vrele(tracevp); 670 671 return (1); 672 } 673 674 static int 675 ktrsetchildren(td, top, ops, facs, vp) 676 struct thread *td; 677 struct proc *top; 678 int ops, facs; 679 struct vnode *vp; 680 { 681 register struct proc *p; 682 register int ret = 0; 683 684 p = top; 685 sx_slock(&proctree_lock); 686 for (;;) { 687 ret |= ktrops(td, p, ops, facs, vp); 688 /* 689 * If this process has children, descend to them next, 690 * otherwise do any siblings, and if done with this level, 691 * follow back up the tree (but not past top). 
692 */ 693 if (!LIST_EMPTY(&p->p_children)) 694 p = LIST_FIRST(&p->p_children); 695 else for (;;) { 696 if (p == top) { 697 sx_sunlock(&proctree_lock); 698 return (ret); 699 } 700 if (LIST_NEXT(p, p_sibling)) { 701 p = LIST_NEXT(p, p_sibling); 702 break; 703 } 704 p = p->p_pptr; 705 } 706 } 707 /*NOTREACHED*/ 708 } 709 710 static void 711 ktr_writerequest(struct ktr_request *req) 712 { 713 struct ktr_header *kth; 714 struct vnode *vp; 715 struct uio *uio = NULL; 716 struct proc *p; 717 struct thread *td; 718 struct ucred *cred; 719 struct uio auio; 720 struct iovec aiov[3]; 721 struct mount *mp; 722 int datalen, buflen, vrele_count; 723 int error; 724 725 vp = req->ktr_vp; 726 /* 727 * If vp is NULL, the vp has been cleared out from under this 728 * request, so just drop it. 729 */ 730 if (vp == NULL) 731 return; 732 kth = &req->ktr_header; 733 datalen = data_lengths[kth->ktr_type]; 734 buflen = kth->ktr_len; 735 cred = req->ktr_cred; 736 td = curthread; 737 auio.uio_iov = &aiov[0]; 738 auio.uio_offset = 0; 739 auio.uio_segflg = UIO_SYSSPACE; 740 auio.uio_rw = UIO_WRITE; 741 aiov[0].iov_base = (caddr_t)kth; 742 aiov[0].iov_len = sizeof(struct ktr_header); 743 auio.uio_resid = sizeof(struct ktr_header); 744 auio.uio_iovcnt = 1; 745 auio.uio_td = td; 746 if (datalen != 0) { 747 aiov[1].iov_base = (caddr_t)&req->ktr_data; 748 aiov[1].iov_len = datalen; 749 auio.uio_resid += datalen; 750 auio.uio_iovcnt++; 751 kth->ktr_len += datalen; 752 } 753 if (buflen != 0) { 754 KASSERT(kth->ktr_buffer != NULL, ("ktrace: nothing to write")); 755 aiov[auio.uio_iovcnt].iov_base = kth->ktr_buffer; 756 aiov[auio.uio_iovcnt].iov_len = buflen; 757 auio.uio_resid += buflen; 758 auio.uio_iovcnt++; 759 } else 760 uio = kth->ktr_buffer; 761 KASSERT((uio == NULL) ^ (kth->ktr_type == KTR_GENIO), 762 ("ktrace: uio and genio mismatch")); 763 if (uio != NULL) 764 kth->ktr_len += uio->uio_resid; 765 mtx_lock(&Giant); 766 vn_start_write(vp, &mp, V_WAIT); 767 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 768 (void)VOP_LEASE(vp, td, cred, LEASE_WRITE); 769 error = VOP_WRITE(vp, &auio, IO_UNIT | IO_APPEND, cred); 770 if (error == 0 && uio != NULL) { 771 (void)VOP_LEASE(vp, td, cred, LEASE_WRITE); 772 error = VOP_WRITE(vp, uio, IO_UNIT | IO_APPEND, cred); 773 } 774 VOP_UNLOCK(vp, 0, td); 775 vn_finished_write(mp); 776 mtx_unlock(&Giant); 777 if (buflen != 0) 778 free(kth->ktr_buffer, M_KTRACE); 779 if (!error) 780 return; 781 /* 782 * If error encountered, give up tracing on this vnode. We defer 783 * all the vrele()'s on the vnode until after we are finished walking 784 * the various lists to avoid needlessly holding locks. 785 */ 786 log(LOG_NOTICE, "ktrace write failed, errno %d, tracing stopped\n", 787 error); 788 vrele_count = 0; 789 /* 790 * First, clear this vnode from being used by any processes in the 791 * system. 792 * XXX - If one process gets an EPERM writing to the vnode, should 793 * we really do this? Other processes might have suitable 794 * credentials for the operation. 795 */ 796 sx_slock(&allproc_lock); 797 LIST_FOREACH(p, &allproc, p_list) { 798 PROC_LOCK(p); 799 if (p->p_tracep == vp) { 800 mtx_lock(&ktrace_mtx); 801 p->p_tracep = NULL; 802 p->p_traceflag = 0; 803 mtx_unlock(&ktrace_mtx); 804 vrele_count++; 805 } 806 PROC_UNLOCK(p); 807 } 808 sx_sunlock(&allproc_lock); 809 /* 810 * Second, clear this vnode from any pending requests. 
811 */ 812 mtx_lock(&ktrace_mtx); 813 STAILQ_FOREACH(req, &ktr_todo, ktr_list) { 814 if (req->ktr_vp == vp) { 815 req->ktr_vp = NULL; 816 vrele_count++; 817 } 818 } 819 mtx_unlock(&ktrace_mtx); 820 mtx_lock(&Giant); 821 while (vrele_count-- > 0) 822 vrele(vp); 823 mtx_unlock(&Giant); 824 } 825 826 /* 827 * Return true if caller has permission to set the ktracing state 828 * of target. Essentially, the target can't possess any 829 * more permissions than the caller. KTRFAC_ROOT signifies that 830 * root previously set the tracing status on the target process, and 831 * so, only root may further change it. 832 */ 833 static int 834 ktrcanset(td, targetp) 835 struct thread *td; 836 struct proc *targetp; 837 { 838 839 PROC_LOCK_ASSERT(targetp, MA_OWNED); 840 if (targetp->p_traceflag & KTRFAC_ROOT && 841 suser_cred(td->td_ucred, PRISON_ROOT)) 842 return (0); 843 844 if (p_candebug(td, targetp) != 0) 845 return (0); 846 847 return (1); 848 } 849 850 #endif /* KTRACE */ 851